|
Plagegeister aller Art und deren Bekämpfung: G-Data Virus fingerprint 74053d60, was tunWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
31.08.2014, 17:36 | #1 |
| G-Data Virus fingerprint 74053d60, was tun http://www.trojaner-board.de/158154-...53d60-tun.html und dazu, wie gewünscht: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 Ran by mein HP (administrator) on HP on 31-08-2014 16:44:32 Running from C:\Users\mein HP\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe () C:\Program Files (x86)\Opera\23.0.1522.77\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe, HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1520565106-2956475918-2871441451-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-1520565106-2956475918-2871441451-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-1520565106-2956475918-2871441451-1000\...\MountPoints2: {af899306-b4b3-11e1-9f27-ac162d0f4917} - G:\pushinst.exe IFEO\hpsf.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\splash.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ SearchScopes: HKLM - {215C8E07-C755-4936-8A2E-7CCEC2195427} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {215C8E07-C755-4936-8A2E-7CCEC2195427} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {215C8E07-C755-4936-8A2E-7CCEC2195427} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\mein HP\AppData\Roaming\Mozilla\Firefox\Profiles\gudnsiam.default FF Homepage: https://webmail.freenet.de/Email/View/Index FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\mein HP\AppData\Roaming\Mozilla\Firefox\Profiles\gudnsiam.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-30] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG) S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-18] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-05-18] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-05-18] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-05-18] (G Data Software AG) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-02-17] (GFI Software) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-18] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-05-18] (G Data Software AG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-31] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-05-16] () S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-30] () R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software) S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-06-09] (Windows (R) 2000 DDK provider) S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633296 2012-06-09] (Paragon) S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [389968 2012-06-09] (Paragon) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 Andbus; system32\DRIVERS\lgandbus64.sys [X] S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X] S3 AndGps; system32\DRIVERS\lgandgps64.sys [X] S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X] S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X] S3 motccgp; system32\DRIVERS\motccgp.sys [X] S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X] S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X] S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X] S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-31 16:44 - 2014-08-31 16:44 - 00014117 _____ () C:\Users\mein HP\Desktop\FRST.txt 2014-08-31 16:43 - 2014-08-31 16:44 - 00000000 ____D () C:\FRST 2014-08-31 16:42 - 2014-08-31 16:42 - 02104320 _____ (Farbar) C:\Users\mein HP\Desktop\FRST64.exe 2014-08-31 15:49 - 2014-08-31 15:50 - 00008672 _____ () C:\Users\mein HP\Desktop\hijackthis.log 2014-08-31 15:31 - 2014-08-31 15:31 - 00304857 _____ () C:\Users\mein HP\Downloads\HijackThis_205.zip 2014-08-30 23:29 - 2014-08-30 23:29 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409434153 2014-08-30 23:29 - 2014-08-30 23:29 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-08-30 23:29 - 2014-08-30 23:29 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Users\mein HP\AppData\Roaming\Opera Software 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Opera Software 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-08-30 23:27 - 2014-08-30 23:27 - 01101648 _____ () C:\Users\mein HP\Downloads\Opera - CHIP-Installer.exe 2014-08-30 23:00 - 2014-08-30 23:00 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-30 23:00 - 2014-08-30 23:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-30 23:00 - 2014-08-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-30 23:00 - 2014-08-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-30 22:54 - 2014-08-31 09:55 - 00000168 _____ () C:\Windows\setupact.log 2014-08-30 22:54 - 2014-08-30 22:54 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-30 22:51 - 2014-08-30 22:53 - 00000811 _____ () C:\Users\mein HP\Downloads\Stinger_30082014_225142.html 2014-08-30 22:50 - 2014-08-31 12:50 - 00017013 _____ () C:\Windows\WindowsUpdate.log 2014-08-30 22:36 - 2014-08-30 22:54 - 00030720 ___SH () C:\Users\mein HP\Desktop\Thumbs.db 2014-08-30 21:47 - 2014-08-30 21:48 - 00000000 ____D () C:\Program Files\SlimCleaner Plus 2014-08-30 21:47 - 2014-08-30 21:47 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc 2014-08-30 21:46 - 2014-08-30 21:46 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Downloaded Installers 2014-08-30 21:29 - 2014-08-30 21:47 - 00000000 ____D () C:\Users\mein HP\AppData\Local\SlimWare Utilities Inc 2014-08-30 21:29 - 2014-08-30 21:29 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-08-30 21:29 - 2014-08-30 21:29 - 00000000 ____D () C:\Quarantine 2014-08-30 21:26 - 2014-08-30 21:29 - 00000811 _____ () C:\Users\mein HP\Downloads\Stinger_30082014_212649.html 2014-08-30 21:26 - 2014-08-30 21:26 - 12378472 _____ (McAfee Inc) C:\Users\mein HP\Downloads\stinger64.exe 2014-08-30 21:24 - 2014-08-30 21:44 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate 2014-08-30 21:24 - 2014-08-30 21:24 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-08-30 21:22 - 2014-08-30 21:22 - 01101648 _____ () C:\Users\mein HP\Downloads\McAfee Labs Stinger 64 Bit - CHIP-Installer.exe 2014-08-30 20:24 - 2014-08-31 11:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-30 20:24 - 2014-08-30 20:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-08-30 20:24 - 2014-08-30 20:24 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-30 20:24 - 2014-08-30 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-30 20:24 - 2014-08-30 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-30 20:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-30 20:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-30 20:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-30 20:23 - 2014-08-30 20:23 - 00816064 _____ ( ) C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-08-28 08:19 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 08:19 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 08:19 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-24 18:54 - 2014-08-31 13:30 - 00000000 ____D () C:\Users\mein HP\Desktop\ebay neu 2014-08-22 14:39 - 2014-08-31 13:30 - 00000000 ____D () C:\Users\mein HP\Desktop\Originals 2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Adobe 2014-08-20 20:32 - 2014-08-20 20:33 - 22361472 _____ (Microsoft Corporation) C:\Users\mein HP\Downloads\IPx64_1031_8.20.468.0.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-08-20 20:28 - 2014-08-20 20:29 - 50284752 _____ (Microsoft Corporation) C:\Users\mein HP\Downloads\MouseKeyboardCenter_64bit_DEU_2.3.188.exe 2014-08-19 12:57 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-08-19 12:57 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-08-19 12:51 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-08-19 12:51 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-08-19 12:51 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-08-19 12:51 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-08-19 12:50 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-08-19 12:50 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-08-19 12:44 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-08-19 12:44 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-08-19 12:44 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-08-19 12:44 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-08-19 12:44 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-08-19 12:44 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-08-19 12:44 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-08-19 12:44 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-08-19 12:44 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-08-19 12:44 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-08-19 12:44 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-08-19 12:44 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-08-19 12:44 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-08-19 12:44 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-08-19 12:44 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-08-19 12:44 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-08-19 12:43 - 2014-08-19 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-19 12:42 - 2014-08-19 12:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-19 12:42 - 2014-08-19 12:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-19 12:42 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-08-19 12:42 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-08-19 11:36 - 2014-08-19 11:36 - 00064416 _____ () C:\Users\mein HP\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-18 14:30 - 2014-08-28 19:21 - 00296544 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-14 09:28 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 09:28 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 09:28 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 09:28 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 09:28 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 09:28 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 09:28 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 09:28 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-14 08:02 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-14 08:02 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-14 08:02 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 08:02 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 08:02 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 08:02 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-14 08:02 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-14 08:02 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 08:02 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-14 08:02 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 08:02 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-14 08:02 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 08:02 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-14 08:02 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-14 08:02 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 08:02 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 08:02 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-14 08:02 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-14 08:02 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 08:02 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 08:02 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-14 08:02 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-14 08:02 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-14 08:02 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-14 08:02 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 08:02 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 08:02 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-14 08:02 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-14 08:02 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-14 08:02 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 08:02 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-14 08:02 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-14 08:02 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 08:02 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-14 08:02 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-14 08:02 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-14 08:02 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-14 08:02 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 08:02 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 08:02 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-14 08:02 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 08:02 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-14 08:02 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-14 08:02 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-14 08:02 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-14 08:02 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 08:02 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-14 08:02 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-14 08:02 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-14 08:02 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-14 08:02 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 08:02 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 08:02 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-14 08:02 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-14 08:02 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-14 08:02 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-14 08:02 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 08:02 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-14 08:02 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-14 08:02 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-14 08:02 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-14 08:02 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-14 08:02 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-14 08:02 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-14 08:02 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-14 08:02 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-14 08:02 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-14 08:02 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-14 08:02 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-14 08:02 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-14 08:02 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-14 08:02 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-14 08:02 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 08:02 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 08:02 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 08:02 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 08:02 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 08:02 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-14 08:02 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-14 08:02 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-14 08:01 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-14 08:01 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-14 08:01 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-14 08:01 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-11 22:52 - 2014-08-11 22:52 - 00000355 _____ () C:\Users\mein HP\Desktop\Computer - Verknüpfung.lnk 2014-08-03 12:49 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-03 12:49 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-03 12:49 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-03 12:49 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-03 12:49 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-03 12:49 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-03 12:49 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-03 12:49 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-03 12:49 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-03 12:49 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-03 12:49 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-03 12:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-03 12:49 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-03 12:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-31 16:44 - 2014-08-31 16:44 - 00014117 _____ () C:\Users\mein HP\Desktop\FRST.txt 2014-08-31 16:44 - 2014-08-31 16:43 - 00000000 ____D () C:\FRST 2014-08-31 16:42 - 2014-08-31 16:42 - 02104320 _____ (Farbar) C:\Users\mein HP\Desktop\FRST64.exe 2014-08-31 15:50 - 2014-08-31 15:49 - 00008672 _____ () C:\Users\mein HP\Desktop\hijackthis.log 2014-08-31 15:48 - 2013-11-29 14:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\mein HP\Desktop\HijackThis_205.exe 2014-08-31 15:31 - 2014-08-31 15:31 - 00304857 _____ () C:\Users\mein HP\Downloads\HijackThis_205.zip 2014-08-31 13:47 - 2014-06-10 12:00 - 00000000 ____D () C:\Users\mein HP\Desktop\alles 2014-08-31 13:30 - 2014-08-24 18:54 - 00000000 ____D () C:\Users\mein HP\Desktop\ebay neu 2014-08-31 13:30 - 2014-08-22 14:39 - 00000000 ____D () C:\Users\mein HP\Desktop\Originals 2014-08-31 12:50 - 2014-08-30 22:50 - 00017013 _____ () C:\Windows\WindowsUpdate.log 2014-08-31 11:13 - 2014-08-30 20:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-31 10:03 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-31 10:03 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-31 09:56 - 2013-02-22 18:05 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-08-31 09:55 - 2014-08-30 22:54 - 00000168 _____ () C:\Windows\setupact.log 2014-08-31 09:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-30 23:29 - 2014-08-30 23:29 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409434153 2014-08-30 23:29 - 2014-08-30 23:29 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-08-30 23:29 - 2014-08-30 23:29 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Users\mein HP\AppData\Roaming\Opera Software 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Opera Software 2014-08-30 23:29 - 2014-08-30 23:29 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-08-30 23:27 - 2014-08-30 23:27 - 01101648 _____ () C:\Users\mein HP\Downloads\Opera - CHIP-Installer.exe 2014-08-30 23:00 - 2014-08-30 23:00 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-30 23:00 - 2014-08-30 23:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-30 23:00 - 2014-08-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-30 23:00 - 2014-08-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-30 22:54 - 2014-08-30 22:54 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-30 22:54 - 2014-08-30 22:36 - 00030720 ___SH () C:\Users\mein HP\Desktop\Thumbs.db 2014-08-30 22:54 - 2014-01-27 21:42 - 00000000 ____D () C:\Program Files\stinger 2014-08-30 22:54 - 2013-02-17 11:53 - 00000118 ___RH () C:\Users\mein HP\Downloads\Stinger.opt 2014-08-30 22:53 - 2014-08-30 22:51 - 00000811 _____ () C:\Users\mein HP\Downloads\Stinger_30082014_225142.html 2014-08-30 22:32 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 22:26 - 2012-10-07 16:59 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Google 2014-08-30 22:26 - 2012-10-07 16:59 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-30 21:48 - 2014-08-30 21:47 - 00000000 ____D () C:\Program Files\SlimCleaner Plus 2014-08-30 21:47 - 2014-08-30 21:47 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc 2014-08-30 21:47 - 2014-08-30 21:29 - 00000000 ____D () C:\Users\mein HP\AppData\Local\SlimWare Utilities Inc 2014-08-30 21:46 - 2014-08-30 21:46 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Downloaded Installers 2014-08-30 21:44 - 2014-08-30 21:24 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate 2014-08-30 21:29 - 2014-08-30 21:29 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-08-30 21:29 - 2014-08-30 21:29 - 00000000 ____D () C:\Quarantine 2014-08-30 21:29 - 2014-08-30 21:26 - 00000811 _____ () C:\Users\mein HP\Downloads\Stinger_30082014_212649.html 2014-08-30 21:26 - 2014-08-30 21:26 - 12378472 _____ (McAfee Inc) C:\Users\mein HP\Downloads\stinger64.exe 2014-08-30 21:24 - 2014-08-30 21:24 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-08-30 21:22 - 2014-08-30 21:22 - 01101648 _____ () C:\Users\mein HP\Downloads\McAfee Labs Stinger 64 Bit - CHIP-Installer.exe 2014-08-30 20:24 - 2014-08-30 20:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-08-30 20:24 - 2014-08-30 20:24 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-30 20:24 - 2014-08-30 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-30 20:24 - 2014-08-30 20:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-30 20:24 - 2012-08-21 14:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-30 20:23 - 2014-08-30 20:23 - 00816064 _____ ( ) C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-08-29 19:32 - 2012-05-16 05:03 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-08-29 19:32 - 2012-05-16 05:03 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-08-29 19:32 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-28 19:21 - 2014-08-18 14:30 - 00296544 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 08:14 - 2012-11-03 12:05 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleFormein HP.job 2014-08-27 20:26 - 2012-06-20 20:31 - 00000000 ____D () C:\Users\mein HP\AppData\Roaming\HpUpdate 2014-08-27 19:33 - 2012-11-03 12:05 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFormein HP 2014-08-27 19:32 - 2012-07-18 15:15 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-08-27 19:32 - 2012-06-12 22:20 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-08-27 19:29 - 2012-06-20 20:31 - 00000000 ____D () C:\Users\mein HP\AppData\Roaming\HP Support Assistant 2014-08-23 04:07 - 2014-08-28 08:19 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 08:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 08:19 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-21 14:34 - 2012-06-24 21:46 - 00003072 ____H () C:\Users\mein HP\Desktop\photothumb.db 2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Users\mein HP\AppData\Local\Adobe 2014-08-20 21:13 - 2012-07-24 14:55 - 00000000 ____D () C:\ProgramData\CanonIJ 2014-08-20 21:13 - 2012-07-24 14:46 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-08-20 20:33 - 2014-08-20 20:32 - 22361472 _____ (Microsoft Corporation) C:\Users\mein HP\Downloads\IPx64_1031_8.20.468.0.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-08-20 20:30 - 2014-08-20 20:30 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-08-20 20:30 - 2014-01-29 23:54 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-08-20 20:30 - 2012-08-15 23:39 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-08-20 20:30 - 2012-06-15 21:07 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-08-20 20:29 - 2014-08-20 20:28 - 50284752 _____ (Microsoft Corporation) C:\Users\mein HP\Downloads\MouseKeyboardCenter_64bit_DEU_2.3.188.exe 2014-08-20 19:45 - 2012-06-12 19:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-20 18:24 - 2012-06-12 19:49 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-20 18:23 - 2012-06-12 19:49 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-20 18:23 - 2012-05-16 05:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-19 18:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-19 12:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-19 12:46 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-19 12:43 - 2014-08-19 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-19 12:42 - 2014-08-19 12:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-19 12:42 - 2014-08-19 12:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-19 11:36 - 2014-08-19 11:36 - 00064416 _____ () C:\Users\mein HP\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-18 13:57 - 2012-06-26 11:11 - 00000000 ____D () C:\Users\mein HP\AppData\Roaming\SoftGrid Client 2014-08-14 09:31 - 2013-08-15 09:42 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 09:30 - 2012-06-15 19:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 09:28 - 2014-04-30 09:25 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-11 22:52 - 2014-08-11 22:52 - 00000355 _____ () C:\Users\mein HP\Desktop\Computer - Verknüpfung.lnk 2014-08-07 04:06 - 2014-08-14 08:01 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-14 08:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 22:47 - 2012-05-16 05:29 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-08-05 22:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-08-05 22:45 - 2012-07-04 22:07 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-08-05 22:44 - 2012-05-16 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-05 22:42 - 2012-07-24 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-08-05 22:42 - 2012-07-24 14:36 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-08-01 01:41 - 2014-08-14 08:02 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-14 08:02 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll Some content of TEMP: ==================== C:\Users\mein HP\AppData\Local\Temp\scp5CC0.tmp.exe C:\Users\mein HP\AppData\Local\Temp\SlimCleanerPlus.x64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-18 18:15 ==================== End Of Log ============================ Addition ------------------------------------------- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 Ran by mein HP at 2014-08-31 16:45:13 Running from C:\Users\mein HP\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Admin Utilities (HKLM-x32\...\{72C21374-4656-4913-98FC-46707B06EF57}) (Version: 1.00.0000 - SYDATEC) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - ) Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle) Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation) NVIDIA Grafiktreiber 296.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.28 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.75.420 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation) NVIDIA Systemsteuerung 296.28 (Version: 296.28 - NVIDIA Corporation) Hidden NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation) Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.324 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.) Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden Windows 7 Codec Pack 4.0.3 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.3 - Windows 7 Codec Pack) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Wise Folder Hider 1.24 (HKLM-x32\...\Wise Folder Hider_is1) (Version: - WiseCleaner.com, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-08-2014 18:39:34 Geplanter Prüfpunkt 19-08-2014 10:42:13 Windows Update 19-08-2014 10:42:20 DCInstallRestorePoint 19-08-2014 10:43:29 Windows Modules Installer 19-08-2014 10:43:44 Windows Modules Installer 19-08-2014 10:43:54 Windows Modules Installer 19-08-2014 10:50:54 Windows Update 19-08-2014 10:57:40 Windows Update 20-08-2014 18:30:17 DCInstallRestorePoint 28-08-2014 07:41:35 Windows Update 30-08-2014 19:42:46 Removed DriverUpdate 30-08-2014 19:43:45 Removed DriverUpdate 30-08-2014 19:48:00 Removed SlimCleaner Plus 30-08-2014 20:25:50 Revo Uninstaller's restore point - Google Chrome 30-08-2014 20:27:59 Revo Uninstaller's restore point - Mozilla Firefox 31.0 (x86 de) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0E1E2ACC-E58D-45E5-8CD7-7D5C7CE8C845} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe Task: {144AA755-4F50-4A45-8F53-CE7196096D15} - System32\Tasks\Opera scheduled Autoupdate 1409434153 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-14] (Opera Software) Task: {1B142228-9DBF-48A2-8FE4-E086A1E83E70} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe Task: {1D5E0CE5-4EC1-4C11-9722-73B673FC821F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {2AAB82EA-A96D-4916-8811-24A4C0411755} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe Task: {37092632-6014-41BA-A089-B614C61CA5F6} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe Task: {38ED2F44-B443-4A2C-815E-4F41FA8B531C} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe Task: {3C63479A-036F-4C70-9C14-1852BADCD050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {404930B7-BE4E-4C73-B829-7C0151CA0B50} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe Task: {580ABF83-879B-4A15-90F6-0CEB60F094FB} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe Task: {5B72A4C6-ACCD-4950-93F0-C48F0ACDBA53} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-06-16] (TuneUp Software) Task: {7832F013-385B-4C53-B14C-7B6F34A3A424} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe Task: {79AECF54-B17E-4C06-B37E-877F7E8BC0E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard) Task: {7A6CF495-3783-47DE-9D6F-9BAA2A31D761} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {85D32074-FC52-41FE-B379-D616016EED12} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {931BE5FD-B2B7-4F7F-B60A-78405CC0694B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.) Task: {961F1800-CB7C-480C-9E69-99F64092CF70} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {968E02E1-445C-47EA-B91F-BC5CE4CED88B} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe Task: {A1DED1E4-C902-4ECF-AD31-DE55722CC48F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {A24B73D1-3CED-4FD7-A992-1B170304BABD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-20] (Adobe Systems Incorporated) Task: {B6B01A2F-FB3E-49AF-923B-860B5C0E71D4} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe Task: {BE0DEB23-70F7-4730-AE1A-38C9C9C619B9} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis39C5.exe Task: {D6876F2D-9374-4D04-9229-FB5EE1BC3320} - System32\Tasks\HPCeeScheduleFormein HP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {DE019F3C-572F-4BC0-A740-5D20E8D7D2BA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {E0990305-7586-464E-8D02-A9FF948800D9} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe Task: {E4D21AE2-9782-4936-B839-474D9554D47A} - System32\Tasks\{E2C386F2-489F-4EF0-8EA6-1596BD9F537C} => Firefox.exe hxxp://ui.skype.com/ui/0/5.3.0.111.396/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled Task: {EB3A1EB4-3AC0-4764-95DA-179B3F15E3D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {F266E08E-2423-4807-BBEB-0383819EBCA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {F2AF3064-19C7-4AA0-B0FE-7544C23E8EFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard) Task: {F89E50C6-C7E1-489B-BBF2-952456E01147} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {FDC8317B-B389-48F5-927F-89BAF1D1E97F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\HPCeeScheduleFormein HP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-16 13:14 - 2014-06-16 13:14 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-08-30 23:29 - 2014-08-14 13:19 - 01401464 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\opera_crashreporter.exe 2014-08-30 23:29 - 2014-08-14 13:19 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libglesv2.dll 2014-08-30 23:29 - 2014-08-14 13:19 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libegl.dll 2014-08-30 23:29 - 2014-08-14 13:19 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\ffmpegsumo.dll 2014-08-20 18:23 - 2014-08-20 18:23 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll 2014-08-30 23:00 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^mein HP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: phonostar-PlayerTimer => "C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/18/2014 01:57:48 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Microsoft Office Klick-und-Los 2010 wird entfernt; Fehler = 0x80042302). Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. . Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:45 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Microsoft Office Klick-und-Los 2010 wird entfernt; Fehler = 0x80042302). Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. . Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:27 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Microsoft Office 2010 wird entfernt; Fehler = 0x80042302). Error: (08/18/2014 01:57:27 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. . System errors: ============= Error: (08/31/2014 00:49:38 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/31/2014 09:58:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (08/31/2014 09:58:06 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (08/31/2014 09:56:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UimBus Uim_IM Uim_VIM Error: (08/31/2014 02:20:51 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/31/2014 00:38:37 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/31/2014 00:38:33 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (08/30/2014 11:03:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (08/30/2014 11:03:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (08/30/2014 11:01:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UimBus Uim_IM Uim_VIM Microsoft Office Sessions: ========================= Error: (08/18/2014 01:57:48 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VMicrosoft Office Klick-und-Los 2010 wird entfernt0x80042302 Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 8193) (User: ) Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:48 PM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:45 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VMicrosoft Office Klick-und-Los 2010 wird entfernt0x80042302 Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (08/18/2014 01:57:27 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VMicrosoft Office 2010 wird entfernt0x80042302 Error: (08/18/2014 01:57:27 PM) (Source: VSS) (EventID: 8193) (User: ) Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz Percentage of memory in use: 50% Total physical RAM: 8172.83 MB Available physical RAM: 4012.78 MB Total Pagefile: 16343.84 MB Available Pagefile: 11182.81 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:944.04 GB) (Free:897.83 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.6 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (Laufwerk) (Fixed) (Total:905.86 GB) (Free:886.36 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4F4C6D59) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=944 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
31.08.2014, 18:02 | #2 |
/// TB-Ausbilder | G-Data Virus fingerprint 74053d60, was tun Hi,
__________________das Log sieht gut aus. Bemerkst du denn noch irgendwelche Probleme? ESET Online Scanner
__________________ |
31.08.2014, 18:10 | #3 | |
| G-Data Virus fingerprint 74053d60, was tunZitat:
Danke für deine Antwort, und dafür, dass du dir die Zeit genommen hast, meine Log´s durchzuarbeiten! Bisher habe ich keine Probleme und auch keine erneute Virenmeldung bekommen...sollte ich trotzdem den ESET-Scan durchführen??? Vielen Dank nochmals... |
31.08.2014, 18:18 | #4 |
/// TB-Ausbilder | G-Data Virus fingerprint 74053d60, was tun ESET wäre einfach noch eine gründliche Zweitmeinung durch einen Signaturenscanner. Kannst du machen, wenn du magst, ist aber nicht zwingend.
__________________ cheers, Leo |
31.08.2014, 20:15 | #5 | ||||
| G-Data Virus fingerprint 74053d60, was tunZitat:
Vielen lieben Dank! Zitat:
ESET läuft grad...und hat 3 Bedrohungen gefunden... Zitat:
C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung C:\Users\mein HP\Programme - Download\ashampoo_burning_studio_6_free_6.83_4312.exe Win32/Toolbar.Conduit evtl. unerwünschte Anwendung C:\Users\mein HP\Programme - Download\youtube-downloader-3-9-6.exe Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung Zitat:
----------------------------------------------------------------- Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=c22e1cb87f05c547808653c46cfd5ba0 # engine=19927 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-08-31 07:04:32 # local_time=2014-08-31 09:04:32 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 26131364 161141722 0 0 # scanned=148216 # found=3 # cleaned=0 # scan_time=5012 sh=72A25E9732F5FEFEBB83E08E8AA653B75B00995E ft=1 fh=7dcb11e9b84159a1 vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mein HP\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe" sh=A0867E6C018019D4E76B0DA3E067413C1E9193D5 ft=1 fh=25de646db16c1e53 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mein HP\Programme - Download\ashampoo_burning_studio_6_free_6.83_4312.exe" sh=448A3D3FC7ED990C2A74FA9FDA2E7F42971096EB ft=1 fh=32201094c340bda6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\mein HP\Programme - Download\youtube-downloader-3-9-6.exe" |
31.08.2014, 20:57 | #6 |
/// TB-Ausbilder | G-Data Virus fingerprint 74053d60, was tun Diese Funde sind gar kein Problem, nur 3 Setups, die ein bisschen Adware dabei haben. Deinstalliere oder update "Java 7 Update 7" und dann ist alles in Ordnung.
__________________ --> G-Data Virus fingerprint 74053d60, was tun |
31.08.2014, 22:31 | #7 | |
| G-Data Virus fingerprint 74053d60, was tunZitat:
Vielen, vielen Dank!!! eine schöne Woche wünscht der Tobi... |
01.09.2014, 00:09 | #8 |
/// TB-Ausbilder | G-Data Virus fingerprint 74053d60, was tun Danke, dir auch eine schöne Woche. Freut mich, dass wir helfen konnten. Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
Themen zu G-Data Virus fingerprint 74053d60, was tun |
0x8007042, 74053d60, ad-aware, adware, antivirus, browser, canon, fehler, firefox, flash player, g-data, g-data virus, helper, hijack, home, homepage, launch, mozilla, msiexec.exe, prozess, registry, rundll, scan, security, software, stick, symantec, system, usb, virus, windows |